Lucene search
HistorySep 29, 2010 - 5:00 p.m.
CVE-2010-3684
synology disk station
ftp authentication
web application interface
sensitive information
vulnerability
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application interface in cases of incorrect login attempts, which allows local users to obtain sensitive information by reading a log, a different vulnerability than CVE-2010-2453.
Related
prion
prion
Code injection
2010-09-29 17:00:00
Cross site scripting
2010-09-29 17:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Synology Disk Station crossite scripting
2010-09-29 00:00:00
packetstorm
packetstorm
cve
cve
CVE-2010-2453
2010-09-29 17:00:00
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2010-3684